Michael

Reputation: 522

Systemd services with private networking fail when run in nspawn container

I'm running a systemd nspawn container, and noticed that many of the built-in systemd services are in a failing state. Investigating, I've found that the failed services are all using PrivateNetwork=yes. Looking at the service's logs, it appears the service is failing to create the network namespace requested by the PrivateNetwork directive.

I've attempted to grant Capabilities=all to my nspawn container but still run into the same issue.

Nspawn container config:

[Exec]
Boot=true
ResolvConf=off
Timezone=off

[Files]
Bind=/usr/bin/qemu-arm-static
PrivateUsersChown=true

[Network]
VirtualEthernet=false

Here's an example systemd unit exhibiting the problem:

[Unit]
Description=Test

[Service]
ExecStart=/usr/bin/sleep infinity
PrivateNetwork=yes

And here is the output of systemctl status after I attempt to run the above unit in the nspawn container:

x example.service - Test
     Loaded: loaded (/etc/systemd/system/example.service; static)
     Active: failed (Result: exit-code) since Fri 2021-04-02 18:36:31 PDT; 3s ago
    Process: 414 ExecStart=/usr/bin/sleep infinity (code=exited, status=225/NETWORK)
   Main PID: 414 (code=exited, status=225/NETWORK)

Apr 02 18:36:31 panamint systemd[1]: Started Test.
Apr 02 18:36:31 panamint systemd[414]: example.service: Failed to set up network namespacing: Input/output error
Apr 02 18:36:31 panamint systemd[414]: example.service: Failed at step NETWORK spawning /usr/bin/sleep: Input/output error
Apr 02 18:36:31 panamint systemd[1]: example.service: Main process exited, code=exited, status=225/NETWORK
Apr 02 18:36:31 panamint systemd[1]: example.service: Failed with result 'exit-code'.

The host OS is Arch Linux 5.11.11 running systemd 248, and the guest is Arch Linux ARM 5.10.25 running with QEMU emulation and systemd version 248.

Any suggestions for how I can get private networking running within an nspawn container? Thanks!

Upvotes: 1

Views: 543

Answers (0)
